Anyscale · Ray · CVE-2026-27482
**Name of the Vulnerable Software and Affected Versions**
Ray versions 2.53.0 and below
**Description**
Ray's dashboard HTTP server does not adequately protect DELETE requests, and key DELETE endpoints are unauthenticated by default. If the dashboard or the dashboard agent is reachable, an attacker on the same network, or a malicious web page using DNS rebinding, can issue DELETE requests that shut down Serve or delete jobs without any user interaction, resulting in a denial-of-service condition. The vulnerable endpoints include:
- `/api/serve/applications/`, which calls `serve.shutdown()`.
- `/api/jobs/{job_or_submission_id}`.
- `/api/job_agent/jobs/{job_or_submission_id}`.
The issue arises because the `get_browsers_no_post_put_middleware` function, which rejects state-changing requests that carry browser headers such as `User-Agent` and `Origin`, only checks POST and PUT requests; a DELETE request sent by a browser passes straight through to the handler. Dashboard token authentication is optional and disabled by default, so a dashboard bound to 0.0.0.0 for remote access is exposed to any client that can reach the port.
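The following is an added illustration of the middleware gap described above; it is not Ray's code. It models the browser-request check as plain functions (a stand-in for the aiohttp middleware) so it runs offline, and shows the vulnerable form, which screens only POST and PUT, beside a hardened form that screens every state-changing method and also validates the `Host` header, the standard defence against DNS rebinding. The browser heuristic, the route table, the `ALLOWED_HOSTS` set and both sample requests are constructed assumptions for the example.

```python
"""Added example for CVE-2026-27482: browser-request screening that skips DELETE.

Not Ray's code. The heuristic, routes, hosts and requests below are assumed
for illustration only.
"""
from dataclasses import dataclass, field
from typing import Dict, Tuple

# Methods that change dashboard state and must never be driven by a browser
# page without authentication.
STATE_CHANGING = {"POST", "PUT", "DELETE", "PATCH"}

# Assumed route table for DELETE, mirroring the endpoints named in the advisory.
DELETE_ROUTES = {
    "/api/serve/applications/": "serve.shutdown()",
    "/api/jobs/": "stop job (dashboard head)",
    "/api/job_agent/jobs/": "stop job (dashboard agent)",
}

# Assumed allowlist of Host values the dashboard is legitimately served under.
# A DNS-rebinding page reaches the dashboard IP but still sends the attacker's
# hostname in Host, so this check stops it even if the method screen fails.
ALLOWED_HOSTS = {"127.0.0.1:8265", "localhost:8265"}


@dataclass
class Request:
    method: str
    path: str
    headers: Dict[str, str] = field(default_factory=dict)


def is_browser_request(req: Request) -> bool:
    """Assumed heuristic: browsers send a Mozilla/ User-Agent and, on
    cross-origin fetches, an Origin header. CLI and SDK clients send neither."""
    ua = req.headers.get("User-Agent", "")
    return ua.startswith("Mozilla/") or "Origin" in req.headers


def dispatch(req: Request) -> Tuple[int, str]:
    """Stand-in router: a DELETE on a known prefix 'performs' the action."""
    if req.method == "DELETE":
        for prefix, action in DELETE_ROUTES.items():
            if req.path.startswith(prefix):
                return 200, f"executed {action}"
        return 404, "Not Found"
    return 200, "ok"


def vulnerable_middleware(req: Request) -> Tuple[int, str]:
    """Mirrors the flaw: only POST and PUT from browsers are rejected,
    so a browser-issued DELETE reaches the handler unauthenticated."""
    if req.method in ("POST", "PUT") and is_browser_request(req):
        return 405, "Method Not Allowed"
    return dispatch(req)


def hardened_middleware(req: Request) -> Tuple[int, str]:
    """Reject every state-changing method from a browser, DELETE included,
    and refuse requests whose Host header is not one we serve."""
    if req.method in STATE_CHANGING and is_browser_request(req):
        return 405, "Method Not Allowed"
    if req.headers.get("Host") not in ALLOWED_HOSTS:
        return 403, "Forbidden: unexpected Host header"
    return dispatch(req)


# Constructed request: what a DNS-rebinding page's fetch() would send once
# attacker.example resolves to the dashboard address.
REBINDING_DELETE = Request(
    method="DELETE",
    path="/api/serve/applications/",
    headers={
        "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/128.0",
        "Origin": "http://attacker.example",
        "Host": "attacker.example",
    },
)

# Constructed request: the shape a legitimate CLI or SDK client sends
# (job id is a made-up placeholder).
CLI_DELETE = Request(
    method="DELETE",
    path="/api/jobs/raysubmit_abc123",
    headers={"User-Agent": "python-requests/2.31.0", "Host": "127.0.0.1:8265"},
)

if __name__ == "__main__":
    print("vulnerable, rebinding DELETE:", vulnerable_middleware(REBINDING_DELETE))
    print("hardened,   rebinding DELETE:", hardened_middleware(REBINDING_DELETE))
    print("hardened,   CLI DELETE:      ", hardened_middleware(CLI_DELETE))
```

The vulnerable path returns 200 and "executes" `serve.shutdown()` for the rebinding request because the method screen never looks at DELETE; the hardened path returns 405 on the browser check, and would return 403 on the `Host` check even for a method the screen missed. Neither form replaces token authentication, which is what stops a non-browser client on the same network; the middleware only closes the browser-driven route.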
**Recommendations**
Update to Ray version 2.54.0 or higher. Until the upgrade is in place, do not bind the dashboard or agent to 0.0.0.0, and enable the optional dashboard token authentication, since the affected endpoints are otherwise reachable without credentials.